Snap-confine has elevated permissions and is not confined but should be


#1

I use snap whenever possible and now I’m on Kali. The snap-confine problem occurs from time to time and right now the only solution i know is to remove snapd and install it again which hardly can be called a solution because i have to install snaps all over again. I read somewhere this problem can be solved when kernel 4.14 is out. Now i’m on kernel 4.15 and still bumping into this issue. Is there a solution to this problem that doesn’t involve reinstalling all snaps over and over?

$ snap --version
snap    2.32.3
snapd   2.32.3
series  16
kali    2018.2
kernel  4.15.0-kali2-amd64

#2

OK i solved my issue by starting apparmor. Something has disabled it i guess during a major update which includes kernel update apparmor gets inactive and after reboot snap confine problem appears. to check i f appamor is running do the following

$ systemctl status apparmor
● apparmor.service - AppArmor initialization
   Loaded: loaded (/lib/systemd/system/apparmor.service; disabled; vendor preset: disabled)
   Active: inactive (dead)
     Docs: man:apparmor(7)
       http://wiki.apparmor.net/

If the output says its inactive enable it by systemctl start apparmor and then run your snap.


#3

Just FYI: systemctl start foo will start foo now but not on next boot. You want to use systemctl enable foo which will make it start automatically each time (you should also start it now with the first command).